Created
March 18, 2020 17:50
Lightning Web Components - window.sessionStorage encrypted sensitive data
//APEX Code
/**
 * Decrypts a base64-encoded token, as produced by encryptToken in this file.
 *
 * The key is read base64-encoded from MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c and the
 * algorithm name from MY_CUSTOM_SETTING_INSTANCE.Algorithm__c. Crypto.decryptWithManagedIV
 * takes the initialization vector from the first 128 bits of the decoded input.
 *
 * NOTE(review): this method is @AuraEnabled, so it is callable from client-side components.
 * Any caller allowed to invoke it can turn a stored cipher text back into the plain token,
 * so the value kept in sessionStorage is only as protected as access to this method.
 * Confirm which profiles / permission sets can reach the enclosing class (not visible here).
 * NOTE(review): the AES modes behind the managed-IV calls are CBC without an integrity tag,
 * so a modified cipher text is not rejected as tampered; add a MAC (e.g. Crypto.generateMac)
 * if integrity matters. Also confirm who can read the custom setting that holds the key.
 *
 * @param encryptedToken base64 text containing IV followed by cipher text
 * @return the decrypted bytes converted to a String
 */
@AuraEnabled(cacheable = false)
public static String decryptToken(String encryptedToken) {
    Blob secretKey = EncodingUtil.base64Decode(MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c);
    Blob cipherText = EncodingUtil.base64Decode(encryptedToken);
    return Crypto.decryptWithManagedIV(MY_CUSTOM_SETTING_INSTANCE.Algorithm__c, secretKey, cipherText).toString();
}
/**
 * Encrypts a plain token and returns the result as base64 text.
 *
 * The key is read base64-encoded from MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c and the
 * algorithm name from MY_CUSTOM_SETTING_INSTANCE.Algorithm__c. Crypto.encryptWithManagedIV
 * generates the initialization vector itself and places it in the first 128 bits of the output.
 *
 * NOTE(review): the plain token is passed in by the client, so the clear value already exists
 * in the browser before the encrypted copy is cached. Encrypting it only protects the copy at
 * rest in storage. The output carries no integrity tag (CBC only).
 *
 * @param plainToken the clear-text token to protect
 * @return base64 encoding of IV + cipher text
 */
@AuraEnabled(cacheable = false)
public static String encryptToken(String plainToken) {
    Blob secretKey = EncodingUtil.base64Decode(MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c);
    Blob clearBytes = Blob.valueOf(plainToken);
    return EncodingUtil.base64Encode(
        Crypto.encryptWithManagedIV(MY_CUSTOM_SETTING_INSTANCE.Algorithm__c, secretKey, clearBytes)
    );
}
/**
 * getSessionAccessToken. Recovers the encrypted token stored in sessionStorage and invokes Apex to decrypt it.
 * encryptToken. Takes the plain token, invokes Apex to encrypt it and stores the encrypted value in sessionStorage.
 */
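/**
 * Reads the encrypted token cached under SESSION_TOKEN_KEY in sessionStorage and asks the
 * Apex method decryptToken to turn it back into the plain access token.
 *
 * NOTE(review): sessionStorage is readable by any script running in the same origin. The
 * cached value is cipher text, but a script that can read it and can also call decryptToken
 * gets the plain token, so this protects the value at rest, not against injected script.
 *
 * @returns {Promise<*>} resolves with the value decryptToken resolves with; rejects with
 *   Error("No cached token found") when nothing is stored, or with decryptToken's rejection.
 */
const getSessionAccessToken = async function() {
  const cachedToken = window.sessionStorage.getItem(SESSION_TOKEN_KEY);
  // getItem returns null for a missing key; undefined is also treated as "absent".
  if (cachedToken == null) {
    throw new Error("No cached token found");
  }
  // Returning the Apex promise directly replaces the hand-rolled new Promise wrapper.
  return decryptToken({ encryptedToken: cachedToken });
};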
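// Cache only the Apex-encrypted form of the access token; the plain value is never written
// to sessionStorage. NOTE(review): the plain token is still present in `payload` in page memory.
encryptToken({
  plainToken: payload.access_token__c
})
  .then(encrypted => {
    window.sessionStorage.setItem(SESSION_TOKEN_KEY, encrypted);
  })
  .catch(error => {
    // A failed Apex call or storage write would otherwise be an unhandled rejection.
    // Only the error is logged, never the token.
    console.error("Could not cache encrypted token", error);
  });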